meta-audit
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill uses dynamic context injection via shell commands to locate configuration files within the project structure. These commands are hardcoded, restricted to the .claude/agents directory, and do not involve network access or sensitive file exposure.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it ingests and processes data from external agent configuration files. While this data could contain malicious instructions, the skill's limited toolset and read-only nature minimize potential risks.
- Ingestion points: Agent configuration files read during the discovery phase.
- Boundary markers: No explicit markers or warnings are used when processing the content of identified files.
- Capability inventory: The skill uses Glob, Read, and TodoWrite for analysis and reporting. It has no capabilities for code execution or network operations.
- Sanitization: There is no evidence of sanitization or validation of the ingested content before it is processed for the audit report.
Audit Metadata